﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Claims;
using System.Threading.Tasks;
using System.Web;
using System.Web.Mvc;
using Microsoft.AspNet.Identity;
using Microsoft.AspNet.Identity.EntityFramework;
using Microsoft.Owin.Security;
using EShopV20.Models;
using System.Data.Entity;

namespace EShopV20.Controllers
{
    [Authorize]
    public class AccountController : Controller
    {
        public AccountController()
            : this(new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(new ApplicationDbContext())))
        {
        }

        public AccountController(UserManager<ApplicationUser> userManager)
        {
            UserManager = userManager;
        }

        public UserManager<ApplicationUser> UserManager { get; private set; }

        /*
         * Sửa đổi hồ sơ cá nhân
         */
        public ActionResult Edit()
        {
            using(var db = new EShopV20DbContext()){
                var model = db.Customers.Find(User.Identity.Name);
                return View(model);
            }
        }
        [HttpPost]
        public ActionResult Edit(Customer model)
        {
            var photo = Request.Files["upPhoto"];
            if (photo.ContentLength > 0)
            {
                var fileName = model.Id +
                    photo.FileName.Substring(photo.FileName.LastIndexOf("."));
                photo.SaveAs(Server.MapPath("~/Images/Customers/" + fileName));
                model.Photo = fileName;
            }
            if (ModelState.IsValid)
            {
                using (var db = new EShopV20DbContext())
                {
                    try
                    {
                        db.Entry(model).State = EntityState.Modified;
                        db.SaveChanges();
                        ModelState.AddModelError("", "Cập nhật hồ sơ thành công !");
                    }
                    catch
                    {
                        ModelState.AddModelError("", "Lỗi cập nhật hồ sơ !");
                    }
                }
            }
            return View(model);
        }

        /*
         * Quên mật khẩu
         */
        [AllowAnonymous]
        public ActionResult Forgot()
        {
            return View();
        }
        [AllowAnonymous, HttpPost]
        public ActionResult Forgot(String UserName, String Email)
        {
            var tokenCode = Guid.NewGuid().ToString();

            var user = UserManager.FindByName(UserName);
            if (user != null)
            {
                using (var db = new EShopV20DbContext())
                {
                    var cust = db.Customers.Find(UserName);
                    if (cust.Email == Email)
                    {
                        UserManager.RemovePassword(user.Id);
                        UserManager.AddPassword(user.Id, tokenCode);

                        var to = Email;
                        var subject = "Reset password !";
                        var body = "Sử dụng mã " + tokenCode + " để đặt lại mật khẩu của bạn !";
                        XMail.Send(to, subject, body);

                        return RedirectToAction("Reset");
                    }
                    ModelState.AddModelError("", "Không đúng email lúc đăng ký !");
                }
            }
            else
            {
                ModelState.AddModelError("", "Không đúng tên đăng nhập !");
            }
            return View();
        }

        /*
         * Khởi tạo lại mật khẩu
         */
        [AllowAnonymous]
        public ActionResult Reset()
        {
            return View();
        }
        [AllowAnonymous, HttpPost]
        public ActionResult Reset(String UserName, String TokenCode, String NewPassword, String ConfirmPassword)
        {
            if (ConfirmPassword == NewPassword)
            {
                var user = UserManager.FindByName(UserName);
                if (user != null)
                {
                    var result = UserManager.ChangePassword(user.Id, TokenCode, NewPassword);
                    if (result.Succeeded)
                    {
                        return RedirectToAction("Login");
                    }
                    ModelState.AddModelError("", "Khởi tạo lại mật khẩu lỗi !");
                }
                else
                {
                    ModelState.AddModelError("", "Sai tên đăng nhập !");
                }
            }
            else
            {
                ModelState.AddModelError("", "Xác nhận mật khẩu không đúng !");
            }
            return View();
        }

        /*
         * Kích hoạt tài khoản
         */
        [AllowAnonymous]
        public ActionResult Activate(string Id)
        {
            using (var db = new EShopV20DbContext())
            {
                var cust = db.Customers.Find(Id.FromBase64());
                if (cust != null)
                {
                    cust.Activated = true;
                    db.SaveChanges();
                    return RedirectToAction("Login");
                }
            }
            return RedirectToAction("Register");
        }

        //
        // GET: /Account/Login
        [AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        //
        // POST: /Account/Login
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            if (ModelState.IsValid)
            {
                var user = await UserManager.FindAsync(model.UserName, model.Password);
                if (user != null)
                {
                    /*
                     * Kiểm tra kích hoạt tài khoản hay chưa
                     */
                    using (var db = new EShopV20DbContext())
                    {
                        var cust = db.Customers.Find(model.UserName);
                        if (cust.Activated)
                        {
                            await SignInAsync(user, model.RememberMe);
                            return RedirectToLocal(returnUrl);
                        }
                        else
                        {
                            ModelState.AddModelError("", "Your account is not activated");
                        }
                    }
                }
                else
                {
                    ModelState.AddModelError("", "Invalid username or password.");
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // GET: /Account/Register
        [AllowAnonymous]
        public ActionResult Register()
        {
            return View();
        }

        //
        // POST: /Account/Register
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Register(Customer model)
        {
            var photo = Request.Files["upPhoto"];
            if (photo.ContentLength > 0)
            {
                var fileName = model.Id + 
                    photo.FileName.Substring(photo.FileName.LastIndexOf("."));
                photo.SaveAs(Server.MapPath("~/Images/Customers/" + fileName));
                model.Photo = fileName;
            }

            if (ModelState.IsValid)
            {
                var user = new ApplicationUser() { UserName = model.Id };
                var result = await UserManager.CreateAsync(user, model.Password);
                if (result.Succeeded)
                {
                    /*
                     * Thêm khách hàng vào Customers và gửi email kích hoạt tài khoản
                     */
                    using (var db = new EShopV20DbContext())
                    {
                        // Bổ sung Khách hàng mới
                        db.Customers.Add(model);
                        db.SaveChanges();

                        // Gửi email kích hoạt
                        var to = model.Email;
                        var subject = "Welcome to EShopV20";
                        var url = Request.Url.AbsoluteUri
                            .Replace("Register", "Activate/" + XString.ToBase64(model.Id));
                        var body = "<a href='" + url + "'>Activate</a> your account !";
                        XMail.Send(to, subject, body);
                    }
                    //await SignInAsync(user, isPersistent: false);
                    return RedirectToAction("Login", "Account");
                }
                else
                {
                    AddErrors(result);
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // POST: /Account/Disassociate
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Disassociate(string loginProvider, string providerKey)
        {
            ManageMessageId? message = null;
            IdentityResult result = await UserManager.RemoveLoginAsync(User.Identity.GetUserId(), new UserLoginInfo(loginProvider, providerKey));
            if (result.Succeeded)
            {
                message = ManageMessageId.RemoveLoginSuccess;
            }
            else
            {
                message = ManageMessageId.Error;
            }
            return RedirectToAction("Manage", new { Message = message });
        }

        //
        // GET: /Account/Manage
        public ActionResult Manage(ManageMessageId? message)
        {
            ViewBag.StatusMessage =
                message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed."
                : message == ManageMessageId.SetPasswordSuccess ? "Your password has been set."
                : message == ManageMessageId.RemoveLoginSuccess ? "The external login was removed."
                : message == ManageMessageId.Error ? "An error has occurred."
                : "";
            ViewBag.HasLocalPassword = HasPassword();
            ViewBag.ReturnUrl = Url.Action("Manage");
            return View();
        }

        //
        // POST: /Account/Manage
        [HttpPost]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> Manage(ManageUserViewModel model)
        {
            bool hasPassword = HasPassword();
            ViewBag.HasLocalPassword = hasPassword;
            ViewBag.ReturnUrl = Url.Action("Manage");
            if (hasPassword)
            {
                if (ModelState.IsValid)
                {
                    IdentityResult result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
                    if (result.Succeeded)
                    {
                        return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess });
                    }
                    else
                    {
                        AddErrors(result);
                    }
                }
            }
            else
            {
                // User does not have a password so remove any validation errors caused by a missing OldPassword field
                ModelState state = ModelState["OldPassword"];
                if (state != null)
                {
                    state.Errors.Clear();
                }

                if (ModelState.IsValid)
                {
                    IdentityResult result = await UserManager.AddPasswordAsync(User.Identity.GetUserId(), model.NewPassword);
                    if (result.Succeeded)
                    {
                        return RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess });
                    }
                    else
                    {
                        AddErrors(result);
                    }
                }
            }

            // If we got this far, something failed, redisplay form
            return View(model);
        }

        //
        // POST: /Account/ExternalLogin
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public ActionResult ExternalLogin(string provider, string returnUrl)
        {
            // Request a redirect to the external login provider
            return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }));
        }

        //
        // GET: /Account/ExternalLoginCallback
        [AllowAnonymous]
        public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
        {
            var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
            if (loginInfo == null)
            {
                return RedirectToAction("Login");
            }

            // Sign in the user with this external login provider if the user already has a login
            var user = await UserManager.FindAsync(loginInfo.Login);
            if (user != null)
            {
                await SignInAsync(user, isPersistent: false);
                return RedirectToLocal(returnUrl);
            }
            else
            {
                // If the user does not have an account, then prompt the user to create an account
                ViewBag.ReturnUrl = returnUrl;
                ViewBag.LoginProvider = loginInfo.Login.LoginProvider;
                return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { UserName = loginInfo.DefaultUserName });
            }
        }

        //
        // POST: /Account/LinkLogin
        [HttpPost]
        [ValidateAntiForgeryToken]
        public ActionResult LinkLogin(string provider)
        {
            // Request a redirect to the external login provider to link a login for the current user
            return new ChallengeResult(provider, Url.Action("LinkLoginCallback", "Account"), User.Identity.GetUserId());
        }

        //
        // GET: /Account/LinkLoginCallback
        public async Task<ActionResult> LinkLoginCallback()
        {
            var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(XsrfKey, User.Identity.GetUserId());
            if (loginInfo == null)
            {
                return RedirectToAction("Manage", new { Message = ManageMessageId.Error });
            }
            var result = await UserManager.AddLoginAsync(User.Identity.GetUserId(), loginInfo.Login);
            if (result.Succeeded)
            {
                return RedirectToAction("Manage");
            }
            return RedirectToAction("Manage", new { Message = ManageMessageId.Error });
        }

        //
        // POST: /Account/ExternalLoginConfirmation
        [HttpPost]
        [AllowAnonymous]
        [ValidateAntiForgeryToken]
        public async Task<ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
        {
            if (User.Identity.IsAuthenticated)
            {
                return RedirectToAction("Manage");
            }

            if (ModelState.IsValid)
            {
                // Get the information about the user from the external login provider
                var info = await AuthenticationManager.GetExternalLoginInfoAsync();
                if (info == null)
                {
                    return View("ExternalLoginFailure");
                }
                var user = new ApplicationUser() { UserName = model.UserName };
                var result = await UserManager.CreateAsync(user);
                if (result.Succeeded)
                {
                    result = await UserManager.AddLoginAsync(user.Id, info.Login);
                    if (result.Succeeded)
                    {
                        await SignInAsync(user, isPersistent: false);
                        return RedirectToLocal(returnUrl);
                    }
                }
                AddErrors(result);
            }

            ViewBag.ReturnUrl = returnUrl;
            return View(model);
        }

        //
        // POST: /Account/LogOff
        //[HttpPost]
        //[ValidateAntiForgeryToken]
        public ActionResult LogOff()
        {
            AuthenticationManager.SignOut();
            return RedirectToAction("Index", "Home");
        }

        //
        // GET: /Account/ExternalLoginFailure
        [AllowAnonymous]
        public ActionResult ExternalLoginFailure()
        {
            return View();
        }

        [ChildActionOnly]
        public ActionResult RemoveAccountList()
        {
            var linkedAccounts = UserManager.GetLogins(User.Identity.GetUserId());
            ViewBag.ShowRemoveButton = HasPassword() || linkedAccounts.Count > 1;
            return (ActionResult)PartialView("_RemoveAccountPartial", linkedAccounts);
        }

        protected override void Dispose(bool disposing)
        {
            if (disposing && UserManager != null)
            {
                UserManager.Dispose();
                UserManager = null;
            }
            base.Dispose(disposing);
        }

        #region Helpers
        // Used for XSRF protection when adding external logins
        private const string XsrfKey = "XsrfId";

        private IAuthenticationManager AuthenticationManager
        {
            get
            {
                return HttpContext.GetOwinContext().Authentication;
            }
        }

        private async Task SignInAsync(ApplicationUser user, bool isPersistent)
        {
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
            var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
            AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
        }

        private void AddErrors(IdentityResult result)
        {
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError("", error);
            }
        }

        private bool HasPassword()
        {
            var user = UserManager.FindById(User.Identity.GetUserId());
            if (user != null)
            {
                return user.PasswordHash != null;
            }
            return false;
        }

        public enum ManageMessageId
        {
            ChangePasswordSuccess,
            SetPasswordSuccess,
            RemoveLoginSuccess,
            Error
        }

        private ActionResult RedirectToLocal(string returnUrl)
        {
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }

        private class ChallengeResult : HttpUnauthorizedResult
        {
            public ChallengeResult(string provider, string redirectUri) : this(provider, redirectUri, null)
            {
            }

            public ChallengeResult(string provider, string redirectUri, string userId)
            {
                LoginProvider = provider;
                RedirectUri = redirectUri;
                UserId = userId;
            }

            public string LoginProvider { get; set; }
            public string RedirectUri { get; set; }
            public string UserId { get; set; }

            public override void ExecuteResult(ControllerContext context)
            {
                var properties = new AuthenticationProperties() { RedirectUri = RedirectUri };
                if (UserId != null)
                {
                    properties.Dictionary[XsrfKey] = UserId;
                }
                context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
            }
        }
        #endregion
    }
}